Lines 71-77
int __init security_init(void)
Link Here
|
71 |
* |
71 |
* |
72 |
* This function is to allow a security module to register itself with the |
72 |
* This function is to allow a security module to register itself with the |
73 |
* kernel security subsystem. Some rudimentary checking is done on the @ops |
73 |
* kernel security subsystem. Some rudimentary checking is done on the @ops |
74 |
* value passed to this function. |
74 |
* value passed to this function. A call to unregister_security() should be |
|
|
75 |
* done to remove this security_options structure from the kernel. |
75 |
* |
76 |
* |
76 |
* If there is already a security module registered with the kernel, |
77 |
* If there is already a security module registered with the kernel, |
77 |
* an error will be returned. Otherwise 0 is returned on success. |
78 |
* an error will be returned. Otherwise 0 is returned on success. |
Lines 121-126
int mod_reg_security(const char *name, s
Link Here
|
121 |
return security_ops->register_security(name, ops); |
122 |
return security_ops->register_security(name, ops); |
122 |
} |
123 |
} |
123 |
|
124 |
|
|
|
125 |
#ifdef CONFIG_SECURITY_MODULAR |
126 |
/** |
127 |
* unregister_security - unregisters a security framework with the kernel |
128 |
* @ops: a pointer to the struct security_options that is to be registered |
129 |
* |
130 |
* This function removes a struct security_operations variable that had |
131 |
* previously been registered with a successful call to register_security(). |
132 |
* |
133 |
* If @ops does not match the valued previously passed to register_security() |
134 |
* an error is returned. Otherwise the default security options is set to the |
135 |
* the dummy_security_ops structure, and 0 is returned. |
136 |
*/ |
137 |
int unregister_security(struct security_operations *ops) |
138 |
{ |
139 |
if (ops != security_ops) { |
140 |
printk(KERN_INFO "%s: trying to unregister " |
141 |
"a security_opts structure that is not " |
142 |
"registered, failing.\n", __FUNCTION__); |
143 |
return -EINVAL; |
144 |
} |
145 |
|
146 |
security_ops = &dummy_security_ops; |
147 |
|
148 |
return 0; |
149 |
} |
150 |
|
151 |
/** |
152 |
* mod_unreg_security - allows a security module registered with mod_reg_security() to be unloaded |
153 |
* @name: a pointer to a string with the name of the security_options to be removed |
154 |
* @ops: a pointer to the struct security_options that is to be removed |
155 |
* |
156 |
* This function allows security modules that have been successfully registered |
157 |
* with a call to mod_reg_security() to be unloaded from the system. |
158 |
* This calls the currently loaded security module's unregister_security() call |
159 |
* with the @name and @ops variables. |
160 |
* |
161 |
* The return value depends on the currently loaded security module, with 0 as |
162 |
* success. |
163 |
*/ |
164 |
int mod_unreg_security(const char *name, struct security_operations *ops) |
165 |
{ |
166 |
if (ops == security_ops) { |
167 |
printk(KERN_INFO "%s invalid attempt to unregister " |
168 |
" primary security ops.\n", __FUNCTION__); |
169 |
return -EINVAL; |
170 |
} |
171 |
|
172 |
return security_ops->unregister_security(name, ops); |
173 |
} |
174 |
|
175 |
EXPORT_SYMBOL_GPL(register_security); |
176 |
EXPORT_SYMBOL_GPL(unregister_security); |
177 |
EXPORT_SYMBOL_GPL(mod_reg_security); |
178 |
EXPORT_SYMBOL_GPL(mod_unreg_security); |
179 |
#endif |
180 |
|
124 |
/* Security operations */ |
181 |
/* Security operations */ |
125 |
|
182 |
|
126 |
int security_ptrace(struct task_struct *parent, struct task_struct *child) |
183 |
int security_ptrace(struct task_struct *parent, struct task_struct *child) |